package tech.dongling.boot.plugins.impl;

import cn.hutool.http.HtmlUtil;
import tech.dongling.boot.anno.Order;
import tech.dongling.boot.common.base.HttpBizRequest;
import tech.dongling.boot.plugins.RequestPlugin;

import java.util.Properties;

// XSS过滤插件（@Order=20）
@Order(20)
public class XssFilterPlugin implements RequestPlugin {
    boolean enabled = false;

    @Override
    public void init(Properties config) {
        if ("true".equals(config.getProperty("xss.enabled"))) {
            enabled = true;
            System.out.println("XssFilterPlugin init");
        }

    }

    @Override
    public void process(HttpBizRequest request) {
        if (enabled) {
            request.getParams().replaceAll((k, v) -> HtmlUtil.filter(v));
            if (request.getBody() != null) {
                request.getBody().forEach((k, v) -> {
                    if (v instanceof String) request.getBody().set(k, HtmlUtil.filter((String) v));
                });
            }
        }

    }
}
